Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.

You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.

Does anyone know a way to encrypt a USB drive, without having to have admin rights to read it again? As far as I can see, TrueCrypt only works if you either have admin privileges, or if TrueCrypt is already installed on the host machine. In other words, TrueCrypt isn't truly "portable" as you can't guarantee either situation in a college or library, say. The TrueCrypt docs point out that it has to install a device driver, hence the need for installation rights, and that admins can "see" what you've been typing, including your passwords. In fact I'm more interested in securing the drive against students and casual users rather than admins gone to the bad. I doubt I'd outwit those anyway...

By contrast, AxCrypt, from reading their Web site, seems to work file by file, though at least they offer a portable decrypter. I'd rather encrypt the whole volume in one go. Is there a reasonably easy way to do this, please?

If you mean for Flash Drives, some manufacturers offer a utility that will allow you to partition the drive into secure/unsecured areas. Then when you run the program and enter the password the unsecured area gets demounted and the secured unlocked and mounted. eg. Imation Flash Drives, Astone' FlashUtility.

These might not require Admin Rights, (at least ImationLOCK didn't cause UAC to pop up on W7), but they aren't exactly encryption either.

Have you checked the manufacturers site?

Otherwise, see f0dder' answer.

Logged

I do not need to control my anger ... people just need to stop pissing me off!

If you mean for Flash Drives, some manufacturers offer a utility that will allow you to partition the drive into secure/unsecured areas. Then when you run the program and enter the password the unsecured area gets demounted and the secured unlocked and mounted. eg. Imation Flash Drives, Astone' FlashUtility.

Forget about those - most of those "secure" drives can currently be easily bypassed. Some of them don't have any kind of encryption, others have the flash cell contents encrypted but effectively always use the same passphrase - useless.

AxCrypt is apparently good, but keep in mind that it's a usermode solution - meaning that to access the files, they have to be temporarily decrypted. This means the possibility of leaving residue on the computer where you're accessing the files; even if the temporary files are overwritten/wiped, it does mean they're temporarily available in plaintext... and if you're modifying them with a program that uses "save-to-tempfile-then-rename" in order to achieve safe saves, then wiping will not get rid of that residue. Also, if the target system is using an SSD, wear leveling means that the old data will be available.

I think Safehouse Explorer from Safehouse software works without Admin rights. A bit more limited (you cannot edit files from the container, you have to extract them on the Desktop for instance) but it works. I like their products a lot. Oh, and it's free. The full Safehouse suite is payware.

I think Safehouse Explorer from Safehouse software works without Admin rights. A bit more limited (you cannot edit files from the container, you have to extract them on the Desktop for instance) but it works. I like their products a lot. Oh, and it's free. The full Safehouse suite is payware.

AFAIK, AxCrypt encrypts file by file, while SHE creates a container accessible through the application. If you have admin rights, you may install a driver (that can be removed from Add/Remove Panel) that turns the mounted container into a virtual with a letter.

This is not really a helpful comment, but related:When I first got my usb drive last year, I looked into making things encrypted on it. All the solutions were such a pain in the butt that I said "F--k it!" Sure, there is stuff on there I'd rather not have people see, but nothing that will kill me. The only stuff I was truly concerned about were my passwords. But I use RoboForm which has pretty strong encryption in the program and is pretty safe.

Thanks for the suggestions. I should have thought out what I wanted a bit better, though your posts are helping me do that. I occasionally use the USB key at college and the public library. I'm not really expecting industrial-strength security. I want to (1) prevent average users accessing payware programs on my USB key, (2) prevent same accessing certain files, and (3) should I lose the key, or forget and leave it behind, plugged into a machine (mine are all on cables, so they're more obvious than usual), then no-one, not even a sysadmin (who hadn't already sniffed the password) could access any secure area. That seems to mean I'd be better off with a TrueCrypt-type secure container to stop (1) and (3) while still making the programs accessible to me. For (2) I could use AxCrypt or equivalent, but even then it would (probably) be a pain while doing things like digital photography evening class where I want to access lots of files, so an encrypted container would still be best. Ideally it would lock itself after a given period of inactivity.

I suppose I should add the obvious - I don't usually have admin rights on the PCs I would in these situations be using.

Like superboyac I use RoboForm, and KeePass, and one of my MemPad files is also encrypted using Windows' built-in system. I could leave those outside the container.

I notice that some encryption programs are fairly expensive. The ones that have free and payware versions seem to limit the container size in the free version as an incentive to upgrade. Rohos, for example, is 2GB. But that seems quite a bit on a USB drive which isn't enormous anyway.

Sidenote: I love Roboform2Go (the portable version). Such a great thing. All your passwords are with you and you don't have to worry too much about losing your usb drive. If you do need to keep a few other things secure, you can use Roboform's note capabilities. But if you actually need secure/encrypted files beyond that, it's going to be a pain in the butt.

Thanks for the suggestions. I should have thought out what I wanted a bit better, though your posts are helping me do that. I occasionally use the USB key at college and the public library. I'm not really expecting industrial-strength security. I want to (1) prevent average users accessing payware programs on my USB key, (2) prevent same accessing certain files, and (3) should I lose the key, or forget and leave it behind, plugged into a machine (mine are all on cables, so they're more obvious than usual), then no-one, not even a sysadmin (who hadn't already sniffed the password) could access any secure area. That seems to mean I'd be better off with a TrueCrypt-type secure container to stop (1) and (3) while still making the programs accessible to me.

For (1) and (2), isn't the problem with using a encrypted container that once you have entered the passphrase everything in it will be decrypted and accessible?

If you wander away from the computer, (eg. to look at a reference book), then anyone will be able to access what's on it until you return, (or nick it).

I think the main problem is (3) for which there is a simple solution: go to a hardware shop, buy one of those retractable key chains, attach it to your belt/pants and the flash drive. Job Done!

Other than that, if you want true container-like encryption without Admin Rights then, I believe, you're restricted to using a flash drive with always-on hardware encryption.

Logged

I do not need to control my anger ... people just need to stop pissing me off!

(1) prevent average users accessing payware programs on my USB key, (2) prevent same accessing certain files, and (3) should I lose the key, or forget and leave it behind,

For (1) and (2), isn't the problem with using a encrypted container that once you have entered the passphrase everything in it will be decrypted and accessible?

True, but, there has to be some balance between security and accessibility if I'm going to use a USB key at all.

Quote

If you wander away from the computer, (eg. to look at a reference book), then anyone will be able to access what's on it until you return, (or nick it).

True again, but see above: and I'm hoping that if anyone does steal it, they won't be able to access it ever again because they won't know the password. That is, I'm assuming that if they plug it into another PC, the encryption will hold. Also I'm assuming that one can set a timeout, so that if I don't access it for a while, I'd have to re-enter the password. I do that with KeePass, even at home.

Quote

I think the main problem is (3) for which there is a simple solution: go to a hardware shop, buy one of those retractable key chains, attach it to your belt/pants and the flash drive. Job Done!

I hadn't thought of that Not sure how practical it is, though; it would tie me to the computer as well. Unless you have a chain long enough to reach to the toilet at the other end of the corridor

Quote

you're restricted to using a flash drive with always-on hardware encryption.

And, as I said earlier, Safehouse Explorer also proposes container encryption without admin rights. The only trick I know is to get the full application, not the installer, which tries to install a driver.